| | I am revisiting splunk to see if it will meet our goals. Right now I am working on the initial index of our data gat... 0 4 | 0 | 4 | |
| | Our indexer and all forwarders are running 4.1.2. Recently we developed a need to send events from our forwarders in... 1 3 | 1 | 3 | |
| | What is the relationship between size of logs received by Splunk indexing servers versus indexing volume? On the load... 0 1 | 0 | 1 | |
| | I have a deployment server app with a single inputs.conf file. [tcp://localhost:9997] sourcetype = tcp-raw index = p... 1 2 | 1 | 2 | |
| | I want to use Splunk to monitor the error output of a telephone switch. I can easily see the data by connecting to th... 0 5 | 0 | 5 | |
| | I have the following in inputs.conf: [udp://32004] host = custom_host connection_host = non... 3 3 | 3 | 3 | |
| | Hi, I have a development support question. We have an application that is integrated with splunk. We have a C++ p... 2 1 | 2 | 1 | |
| | we only want to save the log info for 2 weeks. I tried to set this up by modifying the frozen time, but it doesn’t s... 1 3 | 1 | 3 | |
| | Suppose I splunk a file and it is gzip'd on disk under the appropriate Splunk index directory. Then let's say I con... 1 1 | 1 | 1 | |
| | I am trying to use a host name in the stanza [udp://foo.514] but the name is not taking, on the same subject if I hav... 1 3 | 1 | 3 | |
| | I'm writing an app that I know will index loads of data and then do some calculations on changes from day to day. To ... 2 2 | 2 | 2 | |
| | Forwarding a question: "... attempting to setup a lookup table. Each time I save an automatic lookup it always retur... 0 1 | 0 | 1 | |
| | Hi, Been trying to backup and restore of Splunk indexer and the steps that I took to backup our splunk server is: - ... 1 2 | 1 | 2 | |
| | If our app's inputs.conf uses an index other than "main" (e.g. a custom index for our app) does our app's setup UI (o... 1 5 | 1 | 5 | |
| | Does a forwarder keep using the initial TCP connection to the indexing server, or does it close the connection after ... 2 1 | 2 | 1 | |
| | Hi there. I'm new to splunk. Having a bit of trouble getting my head around it ( I know SQL well ) . I want to get... 1 2 | 1 | 2 | |
| | I am perplexed with what I'm experiencing right now. I have all the file inputs enabled for monitor but I'm not seei... 1 2 | 1 | 2 | |
| | I monitor a log file (access_log) that gets rolled every night at 1 am using a copy command "cp /dev/null access_toda... 1 3 | 1 | 3 | |
| | Trying to configure a deployment server to support multiple organizations. I have created a directory structure withi... 0 1 | 0 | 1 | |
| | I am creating an app for Splunk 4.1 that has a scripted input that retrieves data from a database. At first run, it w... 2 5 | 2 | 5 | |
| | I need to move my Splunk install from one server to another... What's is the procedure to backup the configuration/in... 1 3 | 1 | 3 | |
| | Let's say I have a distributed Splunk environment, n indexers, one search head and a forwarder load balancing input d... 3 2 | 3 | 2 | |
| | Hi, I am collecting event logs thru WMI for Windows 2000 and 2003 servers, for 2003 everything seem ok but for 2000 ... 2 2 | 2 | 2 | |
| | How do keep splunk from removing syslog priority fields? They are removed once indexed into splunk. 0 3 | 0 | 3 | |
| | Since I updated our server to 4.1.2 I'm seeing the following error with most searches. The lookup table 'sid_look... 2 2 | 2 | 2 | |
